>> This should make it work until there's a fix for this. > > Currently, using only CN I'm unable to reproduce any issue.
I did my tests here as well, haproxy behavios corretly in all the scenarios I've tested. Peter, the traces and informations you have provided off-list draw a very different picture. Your intermediate certificate configuration is wrong, which is why it works in browser that have the intermediate certificate in cache (IE, Chrome), but not in others (IE). Please test your website with SSLtest, it will show you exactly whats happening: https://www.ssllabs.com/ssltest/ In your specific case, the correct intermediate certificate is " Go Daddy Secure Certificate Authority - G2", but you are serving "Go Daddy Secure Certification Authority" and "The Go Daddy Group / Go Daddy Class 2 Certification Authority". Remove all intermediate certificates from your chain and insert this one: https://certs.godaddy.com/repository/gdig2.crt Regards, Lukas
